I've been running into an issue on several servers where CMC actually causes the contents of modsec2.user.conf to be duplicated within itself.

This is on up-to-date cPanel builds.

I tested this on a fresh server, by installing a basic rule set into modsec2.user.conf. As soon as I installed CMC and performed any actions in it, that file was duplicated within itself, causing duplicate rule IDs and subsequently breaking apache. I believe this happens when CMC goes to add its own includes line there for the whitelist file, but that could be unrelated to the bug itself.